RESPONSE UNDER 37 C.F.R. §1.111 
U.S. Appln.No.: 10/511,898 



Attorney Docket No.: Q83178 



REMARKS 

This Response, submitted in reply to the Office Action dated September 20, 2010 is 
believed to be fully responsive to each point of rejection raised therein. Accordingly, favorable 
reconsideration on the merits is respectfully requested. 

Claims 1-19 are all the claims pending in the application. 

I. Rejection of claims 17-18 under 35 U.S.C. § 102 

Claims 17-18 are rejected under 35 U.S.C. § 102(b) as being anticipated by Coss et al. 
(Coss hereinafter) (US Patent No. 6,170,012 Bl). Applicant traverses the rejection. 

For purposes of clarity in the record, Applicant request that the Examiner more 
particularly identify which element is being cited for teaching the claimed primary identifiers, 
parameterized rules, data comprising at least one parameter value, an existing one of the entries 
in said first table, and network data processing module. 

Claim 17 

Claim 17 recites: 

A method of processing network data, comprising: 

storing as entries in a first table, primary identifiers, each with one or more associated 
parameterized rules; 

receiving data comprising at least one parameter value; and 

making a determination whether said parameter value can be associated with an existing 
one of the entries in said first table; 

when the determination is affirmative, making a combination of said parameter value and 
said associated parameterized rules, and communicating said combination to a network data 
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processing module so as to direct the management of network data by said network data 
processing module; 

wherein each of said associated parameterized rules is specified according to a string of 
characters containing a place-holder for each parameter of said associated parameterized rule that 
is not statically defined, wherein the place-holder is relevant to the rule. 

The Examiner asserts that Coss anticipates the elements of claim 17. Fig. 3 of Coss 
illustrates security policies that can be represented by sets of access rules which are represented 
in tabular form and which are loaded into the firewall by a firewall administrator. In FIG. 3, the 
categories "Source Host," "Destination Host" and "Service" impose conditions which must be 
satisfied by data included in a packet for the specified action to be taken on that packet. See col. 
4, lines 1-15. 

The Examiner asserts that Coss teaches "receiving data comprising at least one parameter 
value" in col. 4, lines 8-11 and 26-29. The aspects of Coss cited by the Examiner describe the 
contents of the table of Fig. 3 and for a packet to satisfy a rule, each condition included in the 
rule must be met. For example, with reference to FIG. 3, a packet from source host A to 
destination host D and representing mail will be dropped under Rule 20. However, there is no 
teaching or suggestion of receiving data comprising at least one parameter value . 

Further, assuming the Examiner is citing the asterisk representing a wild card entry for 
teaching the claimed parameter value, there is no teaching or suggestion of making a 
determination as to whether said parameter value (asterisk) can be associated with an existing 
one of the entries in said first table. Col. 4, lines 22-29 of Coss describes that in rule processing 
for a packet, the rules are applied sequentially until a rule is found which is satisfied by the 
packet (or until the rule table is exhausted, in which case the packet is dropped). For a packet to 
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satisfy a rule, each condition included in the rule must be met. However, this does not teach or 
suggest making a determination whether said parameter value (asterisk) can be associated with 
an existing one of the entries in said first table. 

Claim 17 further recites "when the determination is affirmative, making a combination 
of said parameter value and said associated parameterized rules, and communicating said 
combination to a network data processing module so as to direct the management of network 
data by said network data processing module." The Examiner asserts that the step of caching the 
results, as described in Col. 5, lines 35-48 of Coss, teaches this aspect of the claim. However, 
there is no teaching or suggestion of making a combination of the asterisk (parameter value as 
cited by the Examiner) and associated parameterized rules. 

Claim 17 also recites "wherein each of said associated parameterized rules is specified 
according to a string of characters containing a place-holder for each parameter of said 
associated parameterized rule that is not statically defined, wherein the place-holder is relevant to 
the rule." 

Coss describes that when a category provided for in the rule table is irrelevant in a certain 
rule, the corresponding table entry can be marked as a "wild card." This can apply to any one or 
any combination of the categories. In FIG. 3 and elsewhere, an asterisk (*) is used for wild card 
entries. However, the wild card does not specify a primary metarule. The wild card is used 
when a rule in the table is irrelevant. As recited in claim 1, a primary metarule is specified 
according to a string of characters containing a place-holder for each parameter of said primary 
metarule that is not statically defined. The entries in the table of Coss do not teach or suggest the 
claimed primary metarules which are in corresponding relationship to primary identifiers. 
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Therefore, Coss does not anticipate the elements of claim 17. Consequently, claim 17 
should be deemed allowable. 

To the extent claim 18 recites similar subject matter, claim 18 should be deemed 
allowable for at least the same reasons. 

II. Rejection of claims 1-14 and 19 under 35 U.S.C. § 103 

Claims 1-14 and 19 are rejected under 35 U.S.C. § 103(a) as being unpatentable over 
Coss et al. (Coss hereinafter) (US Patent No. 6,170,012 Bl) in view of Bellinger et al (Bellinger 
hereinafter) (US 2002/0169858). 

Claim 1 

Claim 1 recites "a first table storing sets of at least one primary rule, called "primary 
metarules," in a parameterizable form and in corresponding relationship to primary 
identifiers." The Examiner asserts that Coss, Fig. 3, col. 2 and 4, lines 37-41 and 1-6, teaches 
this element of claim 1 because Coss discloses dynamic rules which values can be modified. 

Coss describes that a computer network firewall may make use of dynamic rules which 
are added to a set of access rules for processing packets. The dynamic rules allow a given rule set 
to be modified based on events happening in the network without requiring that the entire rule set 
be reloaded. Exemplary dynamic rules include a "one-time" rule which is only used for a single 
session, a time-limited rule which is used only for a specified time period, and a threshold rule 
which is used only when certain conditions are satisfied. Further, Coss describes that 
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security policies can be represented by sets of access rules which are represented in tabular form 
and which are loaded into the firewall by a firewall administrator. The table can provide for 
categories including rule number, designations of source and destination hosts, a designation of a 
special service which can be called for in a packet, and a specification of an action to be taken on 
a packet. 

However, there is no teaching or suggestion that the dynamic rules or the categories in 
the table (which the Examiner asserts teaches the claimed primary metarules) are in 
parameterizable form and are in corresponding relationship to primary identifiers. Fig. 3 
of Coss illustrates a table including a rule number, designations of source and destination hosts, a 
designation of a special service which can be called for in a packet, and a specification of an 
action to be taken on a packet. However, there is no teaching or suggestion that a rule number is 
in a parameterizable form, or that the rule number is in corresponding relationship to a primary 
identifier. See, for example, page 15, line 21-page 16, line 9, of the Applicant's originally filed 
specification for further clarification. 

Claim 1 further recites "management means which is coupled to control means of said 
data processing server and, on receipt of auxiliary data representing operating parameters 
that request reconfiguration of the control means , the auxiliary data delivered by said control 
means after reception by the data processing server of secondary data that requires 
reconfiguration of the control means , selects at least one of the primary identifiers in the 
first table and associates said auxiliary data therewith so as to define dedicated processes of 
said control means " 
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The Examiner asserts that col. 4, lines 3-6 and col. 5, lines 35-46 of Coss teach this 
aspect of the claim. Coss describes a firewall can be configured to utilize "stateful" packet 
filtering which stores in a cache the results of rule processing as applied to one or more packets. 
Stateful packet filtering may be implemented by caching rule processing results for received 
packets, and then utilizing the cached results to bypass rule processing for subsequent similar 
packets. For example, the results of applying a rule set to a packet of a given network session 
may be cached, such that when a subsequent packet from the same network session arrives in the 
firewall, the cached results from the previous packet are used for the subsequent packet. 

Therefore, Coss merely describes applying cached results to packets. There is no 
teaching or suggestion of auxiliary data representing operating parameters that request 
reconfiguration of the control means is received. Specifically, there is no teaching or suggestion 
of reconfiguring the control means. Further, for purposes of clarity in the record, Applicant 
requests that the Examiner more particularly identify which element of Coss is being cited for 
teaching the claimed control means and auxiliary data. 

Claim 1 further recites "wherein said at least one primary metarule is specified according 
to a string of characters containing a place-holder for each parameter of said primary metarule 
that is not statically defined." The Examiner asserts that col. 4, lines 15-21 of Coss teaches this 
aspect of the claim. 

Coss describes that when a category provided for in the rule table is irrelevant in a certain 
rule, the corresponding table entry can be marked as a "wild card." This can apply to any one or 
any combination of the categories. In FIG. 3 and elsewhere, an asterisk (*) is used for wild card 
entries. However, the wild card does not specify a primary metarule. The wild card is used 
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when a rule in the table is irrelevant. As recited in claim 1, a primary metarule is specified 
according to a string of characters containing a place-holder for each parameter of said primary 
metarule that is not statically defined. The entries in the table of Coss do not teach or suggest the 
claimed primary metarules which are in corresponding relationship to primary identifiers. 

The Examiner states that Coss does not teach request for reconfiguration of the control 
means and cites Bellinger to cure the deficiency. However, Bellinger does not cure the 
deficiencies of Coss disclosed above. Further, Bellinger discloses: 

Each service request, for both registration and 
activation, is sent via XML from the Service Provider's 
portal server to the central controller. The controller 
interprets the request by passing the service parameters 
through the pre-defined rules associated with the Service 
Offering and stored in the LDAP directory. These rules 
could be as simple as sending a configuration request to a 
Firewall to allow or deny access to specific ports, or it 
could be more complex as in the case of an Application 
Service where the central authority may have to pass access 
information to the application server, set up a VPN between 
the user and application server, punch through a firewall 
and modify the available bandwidth and QoS to the user. 

However, contrary to the Examiner's assertions, there is no teaching or suggestion of 
auxiliary data representing operating parameters that request reconfiguration of the control 
means , as claimed. 

Therefore, claim 1 and its dependent claims 2-8 and 19 should be deemed allowable. 
To the extent claims 9, 15, 17 and 18 recite similar subject matter, claims 9, 15, 17 and 
18 and dependent claim 16 should be deemed allowable for at least the same reasons. 
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Claim 13 

Claim 13 recites, inter alia, "wherein there are executed in parallel the selection of the 
primary or secondary metarules in the first table and the modification of the auxiliary data in 
the second table associated with the secondary identifier representing the selected primary or 
secondary metarules." 

Coss describes that dynamic rules allow a given rule set to be modified based on events 
happening in the network and dynamic rules include a "one-time" rule which is only used for a 
single session. However, there is no teaching or suggestion of the selection of the primary or 
secondary metarules in the first table, or of the modification of the auxiliary data in the second 
table associated with the secondary identifier representing the selected primary or secondary 
metarules, let alone, executing the selection and modification in parallel. 

Therefore, claim 13 should further be deemed allowable. 

III. Rejection of claims 15-16 under 35 U.S.C. § 103 

Claims 15-16 are rejected under 35 U.S.C. § 103(a) as being unpatentable over Coss et al. 
(Coss hereinafter) (US Patent No. 6,170,012 Bl) in view of Antur et al. (Antur hereinafter 
(6,243,815). To the extent claim 15 recites subject matter similar to independent claims 1,9, 17 
and 18, claim 15 and dependent claim 16 should be deemed allowable for at least the same 
reasons set forth above. Moreover, Antur does not cure the deficiencies of Coss. 
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IV. Conclusion 

In view of the above, reconsideration and allowance of this application are now believed 
to be in order, and such actions are hereby solicited. If any points remain in issue which the 
Examiner feels may be best resolved through a personal or telephone interview, the Examiner is 
kindly requested to contact the undersigned at the telephone number listed below. 

The USPTO is directed and authorized to charge all required fees, except for the Issue 
Fee and the Publication Fee, to Deposit Account No. 19-4880. Please also credit any 
overpayments to said Deposit Account. 

Respectfully submitted, 
/Ruthleen E. Uy/ 

SUGHRUE MION, PLLC Ruthleen E. Uy 

Telephone: (202) 293-7060 Registration No. 5 1 ,361 

Facsimile: (202) 293-7860 

CUSTOMER NUMBER 

Date: December 17, 2010 
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